Go CORS: Cross-Origin Resource Sharing

The following CORS middleware should handle most use cases:

type CORSHandler struct {
	Next http.Handler
}

func (h CORSHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
	origin := req.Header.Get("Origin")
	if origin == "" {
		h.Next.ServeHTTP(w, req)
		return
	}

	header := w.Header()
	header.Set("Access-Control-Allow-Origin", origin)
	header.Set("Access-Control-Allow-Credentials", "true")

	if req.Method == http.MethodOptions {
		header.Set("Access-Control-Allow-Methods", "GET,PUT,POST,DELETE,HEAD")
		header.Set("Access-Control-Allow-Headers", "authorization,content-type,content-length")
		header.Set("Access-Control-Max-Age", "86400")
		return
	}

	h.Next.ServeHTTP(w, req)
}

router := bunrouter.New()

handler := http.Handler(router)
handler = CORSHandler{Next: handler}

Alternatively, you can use corsopen in new window module:

import "github.com/rs/cors"

router := bunrouter.New()

handler := http.Handler(router)
handler = cors.Default().Handler(handler)

See exampleopen in new window for details.

Last Updated: